Senior Product Security Engineer

Encryption Consulting LLC is expanding its portfolio team to govern and shape the cryptographic future for clients and platforms. The Senior Product Security Engineer will own and execute key cryptographic modernization initiatives, acting as the primary enabler for product and solution teams across the company's portfolio.

Responsibilities:

• Act as the primary technical owner for auditing Go‑based cryptographic implementations within containerized platforms, Kubernetes environments, and container runtimes (e.g., CRI‑O, Podman, Docker). You will identify and resolve cryptographic gaps where containerized applications fail to correctly leverage host FIPS‑validated or PQC‑ready providers
• Act as the primary technical owner responsible for continuing the implementation and integration of Encryption Consulting’s cryptographic inventory and discovery tools
• Partner with Principal Security Architects to define and implement scanner policies for detecting cryptographic assets in CI/CD pipelines
• Work directly with pipeline, DevOps, and data teams to integrate these tools and produce a sustainable Cryptographic Bill of Materials (CBOM) for clients and internal offerings
• Partner with product and solution teams to integrate Merkle Tree–based certificate and integrity mechanisms within Encryption Consulting’s unified security architecture
• Serve as the primary go‑to technical consultant for teams supporting enterprise solutions (PKI, CLM, HSM, Zero Trust, Cloud Security) navigating cryptographic migrations such as PQC readiness, FIPS compliance, and crypto‑agility
• Consult directly with engineers to audit codebases, analyze dependencies (e.g., python‑cryptography, Go crypto libraries), and build migration plans aligned with portfolio‑wide cryptographic policy
• Enable other teams by creating documentation, reference architectures, best‑practice guides, and office hours to scale cryptographic expertise across the organization
• Define functional requirements and partner on the integration of new cryptographic tools, including runtime instrumentation and visibility for core crypto libraries
• Track and manage critical cryptographic dependencies across the portfolio, working with platform, PKI, HSM, and cloud security teams to remove blockers and ensure successful delivery of modern cryptographic capabilities

Requirements:

• Deep, hands‑on experience in Go and Python is required
• Ability to audit cryptographic implementations in these languages and understand interactions with core C‑based libraries (OpenSSL, NSS, libcrypto)
• Broad expertise in applied cryptography, including PKI, TLS, digital signatures, key management, and certificate lifecycle management
• Strong understanding of modern cryptographic challenges, including Post‑Quantum Cryptography (PQC) and crypto‑agility
• Strong understanding of OCI specifications, Kubernetes, and how container runtimes interact with cryptographic hardware such as HSMs or kernel‑level crypto providers
• Proven ability to own and deliver complex, cross‑team technical initiatives from design through execution
• Comfortable moving between deep technical discussions with engineers and strategic roadmap conversations with security and product leadership
• A track record of building trust across teams and acting as a recognized cryptographic authority
• Demonstrated ability to enable and unblock others
• Strong analytical skills to diagnose complex cryptographic dependencies and systemic blockers across a large technology portfolio
• Experience contributing to or maintaining core cryptographic libraries or security‑focused Go projects
• Familiarity with SPIFFE/SPIRE, Sigstore/Cosign, or software supply‑chain security
• Experience with Merkle Tree implementations, binary‑level runtime analysis, or cryptographic scanning
• Familiarity with FIPS validation processes in virtualized or containerized environments